package com.saver.common.xss;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Enumeration;
import java.util.List;

/**
 * XSS过滤
 *
 * @author yuxiaolong
 * @email 1005471232@qq.com
 * @date 2018年08月12日 上午11:16
 */
public class XssFilter implements Filter {

    private List<String> filterChainDefinitionList;


    @Override
    public void init(FilterConfig config) {

    }

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest servletRequest = (HttpServletRequest) request;
        String requestURI = ((HttpServletRequest) request).getRequestURI();
        if (filterChainDefinitionList != null) {
            for (String s : filterChainDefinitionList) {
                if (requestURI.startsWith(s)) {
                    chain.doFilter(servletRequest, response);
                    return;
                }
            }
        }
        XssHttpServletRequestWrapper xssRequest = new XssHttpServletRequestWrapper(
                (HttpServletRequest) request);
        chain.doFilter(xssRequest, response);

    }

    public void setFilterChainDefinitionList(List<String> list) {
        this.filterChainDefinitionList = list;
    }

    @Override
    public void destroy() {
    }

}